Pushing the System Center Data Protection Manager 2012 (DPM) agent to a target computer fails with the following error:
Install protection agent on name.domain.com failed:
Error 319: The agent operation failed because of a communication error with the DPM Agent Coordinator service on name.domain.com.
Error details: The RPC server is unavailable (0x800706BA)
Recommended action: 1) Verify that name.domain.com is remotely accessible from the DPM server.
2) If a firewall is enabled on name.domain.com, make sure that it is not blocking requests from the DPM server. Refer to the DPM Deployment Guide for more information on configuring the firewall for DPM.
The DPM-Alerts event log displays the following event.
Log Name: DPM Alerts
Event ID: 370
Task Category: None
Agent operation failed. (ID: 370)
The agent operation failed because of a communication error with the DPM Agent Coordinator service on name.domain.com. (ID: 319)
The Windows firewall on the target computer blocked dpmac.exe from accepting incoming network connections.
There are two recommended ways to resolve this issue.
1. Temporarily disable the Windows Firewall on the target computer when deploying the agent. Once the installation completes the Windows Firewall can be re-enabled.
2. If you cannot disable the firewall, or if you have many servers and you do not want to edit each one individually, you can add firewall rules that will allow the incoming network connections required for the DPM agent installation process. The main benefit of this method is that you can automate the process using the commands below, allowing you to script the solution and deploy it via GPO or other methods.
These commands must be run from an elevated command prompt (Run As Administrator) and should be run on all target computers that have the firewall enabled.
NOTE DPM path and version information will need to reflect your current settings. A sample path is given below. Replace <DPMVersion> with the correct x.x.xxxx.x number.
DPM 2010 – version 3.0.7696.0
DPM 2012 – version 4.0.1908.0
DPM 2012 SP1 – version 4.1.3313.0
DPM 2012 R2 - version 4.2.1205.0
The initial command below should allow the agent to be installed:
Netsh advfirewall firewall add rule name = "dpmac" dir=in program="C:\Windows\Microsoft Data Protection Manager\DPM\ProtectionAgents\AC\<DPMVersion>\dpmac.exe" action=allow
If the command above does not allow the agent install to succeed, add following additional rules:
Netsh advfirewall firewall add rule name="Microsoft System Center 2012 R2 Data Protection Manager" dir=in program="C:\Program Files\<DPMVersion>\DPM\DPM\bin\msdpm.exe" profile=Any action=allow
Netsh advfirewall firewall add rule name="Microsoft System Center 2012 R2 Data Protection Manager Replication Agent" dir=in program="C:\Program Files\<DPMVersion>\DPM\DPM\bin\dpmra.exe" profile=Any action=allow
Netsh advfirewall firewall add rule name="Microsoft System Center 2012 R2 Data Protection Manager DCOM setting" dir=in action=allow protocol=TCP localport=135 profile=Any
Netsh advfirewall firewall set rule group="@FirewallAPI.dll,-28502" new enable=yes
Netsh advfirewall firewall add rule name="DPMAM_WCF_SERVICE" dir=in program="C:\Program Files\<DPMVersion>\DPM\DPM\bin\AMSvcHost.exe" profile=Any action=allow
Netsh advfirewall firewall add rule name="DPMAM_WCF_PORT" dir=in action=allow protocol=TCP localport=6075 profile=Any
for other considerations.
Article ID: 2621989 - Last Review: November 11, 2013 - Revision: 5.0
- Microsoft System Center Data Protection Manager 2010